Fix performance regression caused by r116009 by disabling the use of
64bit math in FractionalLayoutUnit, simplifying the pixelSnappedMaxX/Y
math, inlining a couple of methods and replacing the literal 0 (zero)
with ZERO_LAYOUT_UNIT.

No new tests, no change in functionality.

platform/FractionalLayoutUnit.h:

(WebCore::boundedMultiply):
(WebCore::operator*):
(WebCore::operator/):
Disable the use of 64bit (long long) math in the case where the fraction
is set to 1.

Currently we pass Entry's fullPath to AsyncFileSystem layer where
we convert the given path to filesystem URL which includes origin and
filesystem type information, but in that way we cannot handle
cross-filesystem operations (e.g. cross-filesystem copy and move)
well since we end up with always attaching the source filesystem's
origin and type information for argument paths.

This patch does:

change AsyncFileSystem's operation methods not to take entry paths
but complete filesystem URLs.

DOMFileSystemBase instance have filesystem type and rootURL (they were
held by AsyncFileSystem previously)
(WebCore::DOMFileSystemBase::create): Changed to take additional parameters.
(WebCore::DOMFileSystemBase::type): Added.(Moved from AsyncFileSystem::type)
(WebCore::DOMFileSystemBase::rootURL): Added.(Moved from AsyncFileSystem::rootURL).

implementation. Almost all of the code is moved from AsyncFileSystemChromium.
(WebCore::DOMFileSystemBase::isValidType):
(WebCore::DOMFileSystemBase::crackFileSystemURL):
(WebCore::DOMFileSystemBase::supportsToURL):
(WebCore::DOMFileSystemBase::createFileSystemURL):
(WebCore::DOMFileSystemChromium::createIsolatedFileSystem):

Currently we pass Entry's fullPath to AsyncFileSystem layer where
we convert the given path to filesystem URL which includes origin and
filesystem type information, but in that way we cannot handle
cross-filesystem operations (e.g. cross-filesystem copy and move)
well since we end up with always attaching the source filesystem's
origin and type information for argument paths.

This patch does:

move filesystem-type related code out of AsyncFileSystemChromium.cpp
(moving into DOMFileSystemChromium.cpp)

change AsyncFileSystemChromium's methods implementation not to take
entry paths but complete filesystem URLs.

Testing contains() and intersects() requires a copy which ends up
invoking a malloc on sufficiently complicated web pages, and slows down
the test unnecessarily. These methods can be done by iterating over the
Region::Shape values rather than making a copy of the entire region and
manipulating it.

This uses Region::Shape::compareShapes() to walk the query regions and
compute the result of the intersects or contains tests without making a
copy.

This change improves the performance of the Region overlap testing for
composited layers, and allows for testing contains() before unite() to
avoid unnecessary copies of the Region when inserting into complex
Regions. With a layout test that has 225 composited layers, and tests
Region.intersects() for 1000 layers above them, this change decreases
the running time of the test by 1.2% by avoiding a copy of the 225
rects each time.

(WebCore::InlineTextBox::paintDecoration):
Inform the decoration color retriever if this box is part of the first line box or not.

rendering/RenderObject.cpp:

(WebCore::decorationColor):
Changed the argument from RenderObject* to RenderStyle*. As this function is just a helper to getTextDecorationColors
as used RenderObject solely to retrieve the corresponding RenderStyle, which(RenderStyle*) was already available with the latter function.

(WebCore::RenderObject::getTextDecorationColors):
Take a new variable to check if first line style or the regular style has to be used.
Sends RenderStyle* as an argument to decorationColor().

platform/qt-linux/fast/css/first-line-text-decoration-inherited-from-parent-expected.txt: Added.
This test checks if the text-decoration and text color is chosen properly in the case where
the first-line style is inherited from a parent and contains such text-decorations.

The function name was ambiguous as it was not a general purpose function but was
working directly on HTMLFrameOwnerElement. The rename makes this more obvious as
well as removes the explicit dependency on RenderLayer.

One of the slight change of this refactoring is that we now always null-check the
HTMLFrameOwnerElement's renderer as part windowClipRectForFrameOwner as I don't see
any evidence for the other code paths not to hit that. Also we may recur more on our
frame tree if we have no layer as we now call windowClipRect() in this case.

page/FrameView.h:

(FrameView):

plugins/PluginView.cpp:

(WebCore::PluginView::windowClipRect):

WebCore.exp.in:

WebCore.order:

page/FrameView.cpp:

(WebCore::FrameView::windowClipRect):
Updated after windowClipRectForLayer name and signature change.

(WebCore::FrameView::windowClipRectForFrameOwner):
This function now takes the HTMLFrameOwnerElement directly.

plugins/PluginView.cpp:

(WebCore::PluginView::PluginView):
(WebCore::PluginView::create):

plugins/PluginView.h:

(PluginView):
Updated |m_element| to be an HTMLPlugInElement as this was what was
passed by every caller. This makes the conversion to HTMLFrameOwnerElement
possible.

Source/WebKit/chromium:

src/WebPluginContainerImpl.cpp:

Updated after windowClipRectForLayer name and signature change.

Source/WebKit/win:

WebCoreSupport/EmbeddedWidget.cpp:

(EmbeddedWidget::windowClipRect):
Updated after windowClipRectForLayer name and signature change.

WebCoreSupport/EmbeddedWidget.h:

(EmbeddedWidget):
(EmbeddedWidget::EmbeddedWidget):
Updated the internal DOM pointer to be an HTMLPlugInElement
as it was what was passed in anyway. Also fixed some style
issues detected by our tools.

Source/WebKit2:

WebProcess/Plugins/PluginView.cpp:

(WebKit::PluginView::clipRectInWindowCoordinates):
Updated after windowClipRectForLayer name and signature change.

The revision that broke this, introduced a way to sanitize the markup when deleting a range selection.
iCloud listens for DOM modification events and clears the selection, altering the input method state.
The fix consists in adding a paramenter to DeleteSelectionCommand to control when we sanitize the
markup.

No new tests. This should not change functionality, only increase performance.

platform/graphics/cairo/ImageBufferCairo.cpp:

(WebCore::ImageBuffer::copyImage): Add an implementation that knows how to avoid copying the backing store.
(WebCore::ImageBuffer::draw): Use the copyImage constructor now that it knows how to
avoid copying the backing store.
(WebCore::ImageBuffer::drawPattern): Ditto.

platform/graphics/texmap/TextureMapperLayer.cpp:

(WebCore::TextureMapperLayer::updateBackingStore): Use DontCopyBackingStore for Cairo
as well.

(WebCore::CGImageEncodeToData): Image encoding helper: encode the image using the
uti-defined encoder (PNG/JPEG/etc) and output to the given CFMutableDataRef data.
(WebCore):
(WebCore::CGImageToDataURL): Refactor to use CGImageEncodeToData().

When an element is being split due to a column span element being
inserted, any of its ancestors that are underneath the column
containing block also get split. If an ancestor has an object in
its positioned object list from a previous layout, then the list
will have to be cleared because the positioned object could have moved
to be under the continuation. This patch causes the list to be
cleared.

rendering/RenderBlock.cpp:

(WebCore::RenderBlock::splitBlocks):

LayoutTests:

Test exercises crashing condition in bug 85074. It creates a column
span that requires multiple layers of splitting blocks from the
element that contains the columns, puts a positioned element underneath
one of the split blocks, and then causes a reattach of the column span
element.

Determine the text colors and selection colors before painting the
background behind the text. This is because when determining whether
to invert the selection background, the selection text color should be
used instead of the regular text color. With this patch, the selection
text color is passed to 'paintSelection' so that the selection
background can be compared against it, instead of comparing against the
CSSPropertyColor value.

This adds support for op_create_arguments to the DFG. No other arguments-related
opcodes are added by this change, though it does add a lot of the scaffolding
necessary for the other ops.

This also adds GetByVal/PutByVal optimizations for Arguments.

Finally, this rationalizes slowPathCall with no return. Previously, that would
work via callOperation() overloads that took InvalidGPRReg as the return GPR.
But that creates awful ambiguity, since we had template functions that were
polymorphic over all parameters except the second, which was a GPRReg, and a
bunch of non-template overloads that also potentially had GPRReg as the second
argument. I finally started to hit this ambiguity and was getting absolutely
bizarre compiler errors, that made me feel like I was programming in SML. So,
I changed the no-argument overloads to take NoResultTag instead, which made
everything sensible again by eliminating the overload ambiguity.

(WTR::InjectedBundle::didReceiveMessage): pass in the dictionary containing keys needed to initialize
dump callbacks for the layoutTestController.
(WTR::InjectedBundle::booleanForKey): Helper function to extract boolean value from key in WKDictionaryRef.
Output some warning if we are trying to extract a value that is not a boolean.
(WTR::InjectedBundle::beginTesting): Update to take in the dictionary passed in by the TestController.
We cannot set the bits on the layoutTestController until it has been created in beginTesting().

Update IDBObjectStore.openCursor, IDBIndex.openCursor,
IDBIndex.openKeyCursor, IDBDatabase.transaction,
IDBCursor.direction, IDBTransaction.mode, and
IDBRequest.readyState to meet the latest spec. All of these APIs
now support string-based values in addition to the
legacy/deprecated enum-based values.

Creates a layer delegate class to provide link highlight animations for link-preview feature.
These are added to a GraphicsLayerChromium via provided methods. Moves dispensing of animation
ids into a separate class.

The divide-by-zero occurs in an innocuous case where the layers
are probably invisible anyway. However, producing Infs and NaNs
could cause values to be used when un-intended, so its appropriate
to handle the divide-by-zero correctly.

No change in behavior. Covered by fast/canvas/webgl/premultiplyalpha-test.html

platform/graphics/cg/ImageBufferCG.cpp:

(WebCore::ImageDataToDataURL): Remove the need to stuff the alpha channel with 255.
Rename dataVector to premultipliedData and verify that its resize() worked. Rewrite
the premultiplication loop without the alpha channel = 255 part and ask the CG JPEG
encoder to ignore the alpha channel (kCGImageAlphaNoneSkipLast) instead.

Removing the intentional state change to PAUSED on didEnd().
My understanding is that the fix works because the additional
state transition to PAUSED was resetting the internal m_seeking state to early,
so that updatePlayState() in HTMLMediaElement was not able to
correctly figure out/recover playstate after seeking.

No new tests, covered by existing media tests, and fixing
video-seek-past-end-playing.html flakiness on GTK, failure on EFL.

platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

LayoutTests:

video-seek-past-end-playing.html should work reliably after fix, removing.

RenderBlock::removeChild can bring up the children from last single anonymous block,
causing |nextSibling| in RenderBlock::updateFirstLetterStyle to go stale. We prevent
this by removing the child safely using removeChildNode before destroying it.

Renamed WebMediaStreamCenter::didConstructMediaStream to didCreateMediaStream,
and change so that it is only called for MediaStreams created from JS.
Also send out the WebMediaStreamDescriptor non-const instead.

CCLayerTreeHost::setContentsMemoryAllocationLimitBytes needs to call setNeedsCommit after adjusting memory
limits, so that we push a new frame. In particular, when returning from non visibile state, we adjust
memory allocation from 0 to non 0, and we need to push a non blank frame.

The model with MediaStreamDescriptor and MediaStream (and LocalMediaStream)
allows the JavaScript objects (MediaStream and LocalMediaStream) to be
cleaned up while the MediaStreamDescriptor lives on to manage the stream in
the platform. This happens for example when a URL is created to represent
a MediaStream (using createObjectURL()). In that case, the MediaStreamDescriptor
is put into the MediaStreamRegistry and even though the MediaStream object is
lost, the URL still works since the descriptor is kept in the registry.

The changes introduced in r113460 (​http://webkit.org/b/83143) turned
MediaStream and LocalMediaStream into ActiveDOMObjects. For example on page
reload, LocalMediaStream calls MediaStreamCenter::didStopLocalMediaStream()
via its ActiveDOMObject::stop() method. However, when a page reload occurs,
the LocalMediaStream object may have been cleaned up already and
MediaStreamCenter::didStopLocalMediaStream() will not be called.

One way to make the behavior consistent would be to call
MediaStreamCenter::didStopLocalMediaStream() when the descriptor is cleaned up,
cause then we wouldn't be dependent on the LocalMediaStream object being alive.
However, calling MediaStreamCenter::didStopLocalMediaStream() might not be the
correct thing to do when all references to the descriptor are lost since there
can be MediaStream objects constructed from the tracks of the LocalMediaStream
that should continue to work. MediaStreamCenter::didStopLocalMediaStream() was
intended for LocalMediaStream.stop() which is used to revoke access to devices;
that should not necessarily happen when the descriptor of a LocalMediaStream is
cleaned up. If it's necessary for some ports to signal to the platform that a
MediaStreamDescriptor is cleaned up, then I would suggest adding a new function,
willDestroyMediaStreamDescriptor(), to the MediaStreamCenter interface.

The current resolution is to make MediaStream a ContextDestructionObserver
instead of an ActiveDOMObject.

ewk_settings_icon_database_path_set calls asynchronous method WebCore::iconDatabase().open().
There is no notification when the new path is set by WebCore.
Moreover ewk_settings_icon_database_path_set keeps the new path in a local variable.

To retrieve path to icon database ewk_settings_icon_database_path_get can be called.
It first checks flags whether icon databse is opened and enabled. There is possibility
that icon database has been set through API but it hasn't been opened by WebCore yet.
So as a result ewk_settings_icon_database_path_get returns NULL because WebCore hasn't
set an appropriate flag yet.

It may happen while icon database set/get sequences.
Information whether icon database is opened/enabled should be exposed by separate API.

Initialize the test platform plugin before initializing
the web process if we are in a WTR run.
It is necessary to place this initialization here as we
cannot control wich platform plugin will be used after
the instantiation of the QApplication.

qt/MainQt.cpp:

(initializeTestPlatformPluginForWTRIfRequired):
(main):

Tools:

Added QtTestPlatformPlugin as a new project under Tools.
This is a Qt5-ish platform plugin that can be used to tweak the
platform support interfaces in order to unify layout test results.
For now it only overrides the font database on Mac and redirects
everything else to the real platform plugin. The font database it
provides mimics the way how we set up test fonts with fontconfig on Linux.
Make DumpRenderTree and WebKitTestRunner use this platform plugin.

Flakiness was caused by the fact that
media/crash-closing-page-with-media-as-plugin-fallback.html and
media/video-poster-blocked-by-willsendrequest.html use the same PNG
file as poster attribute in the video tag. The PNG file gets cached
when the first test is executed and this somehow causes the second
test to fail.

The flakiness was addressed by clearing the memory and page caches
between tests.

When generate-feature-files generates features.pri it provides a value
for every possible ENABLE_. In prepration for landing generate-feature-files
it seems appropriate to add a value for all possible ENABLEs to the existing
features.pri. This lets me make sure that I'm getting them all right!

We currently make a copy of the data structures when restoring a cached stylesheet. This patch lets us share
the data until someone uses a mutating CSSOM API to modify the sheet.

The patch implements copy-on-write for the internal style sheet data structures. If any mutating CSSOM API is
invoked, we check if the mutation is safe (there is only one client, the sheet is not cached). If not then the
internal structures are copied and any existing CSSOM objects are re-attached to the new style tree. The copied
tree is mutated while the other clients stay attached to the original tree.

Sharing can save significant amount of memory on sites with large stylesheets. For example if you have
multiple articles open on wsj.com this saves ~2.6MB per tab.

This patch updates our CSP violation reports to include all the fields
in the spec. We've discussed all these fields in the working group,
and we have fairly high confidence that these are safe to expose.

The patch improves the performance of getting a cached JS wrapper
by getDOMXXXXMap(). For example, it improves the performance
of toV8(NodeList*) in getElementsByTagName(), getElementsByName(),
getElementsByClassName() by 7 ~ 9%.

Unfortunately we cannot observe performance improvement in
Dromaeo/dom-query.html, which are testing getElementsByTagName(),
getElementsByName(), getElementsByClassName(). This is because
the bottleneck of these Dromaeo tests is not toV8(NodeList*) but
.length and .nodeType accesses. The patch for optimizing them
will be coming soon.

This patch changes ContentSecurityPolicy to use JSON format for sending
violation reports rather than wwwform-encoding. This patch aligns our
behavior with the specification and with Mozilla. A follow up patch
will update the list of fields in the report to match the spec.

Implemented class AutofillBackingStore which is responsible
for handling interaction with autofill database.

Replaced static function
CredentialBackingStore* CredentialBackingStore::instance()
with a helper function
CredentialBackingStore& credentialBackingStore(),
and used DEFINE_STATIC_LOCAL to construct the singleton
object.
Also removed unnecessary function close() and combined with
the destructor of class CredentialBackingStore.

Even after this patch, workers aren't smart enough to enforce
multiple policies. They just use the first header, like they did
before. We'll need to teach workers how to enforce multiple
policies in a future patch.

WebVideoFrameProviderClient has a 1:1 relationship with a
WebVideoFrameProvider. The client here is CCVideoLayerImpl and the
provider is WebMediaPlayerClientImpl. If the provider gets a new
client, then the old client needs to be informed to stop using the
provider.

If this doesn't happen, then the old client will have an unsafe
pointer to the provider, will not get informed if the provider gets
deleted, and the client will crash when it dereferences the provider
pointer trying to tell the provider that its client is going away.

Set autofilled status of credential input fields when credential
information is auto filled by CredentialManager.
By doing this the input element will get painted with yellow background
which can notify user this input field is auto filled by the browser.

We currently make a copy of the data structures when restoring a cached stylesheet. This patch lets us share
the data until someone uses CSSOM to modify the sheet.

The patch implements copy-on-write for the internal style sheet data structures. If any mutation CSSOM API is
invoked, we check if the stylesheet can be safely mutated (we are the only client, it is not cached). If not
then the internal structures are copied and any existing CSSOM objects are re-attached to the new tree.

Sharing can save significant amount of memory on sites with large stylesheets. For example if you have
multiple articles open on wsj.com this saves ~2.6MB per tab.

Hook up the new WebPreference for disabling requestAnimationFrame
to Settings. This isn't disabling the feature in the typical
WebKit ENABLE() way - it's still available in the DOM, it's
just that the animations will never be serviced. This allows a client
to disable the machinery without breaking content (other than the
animations).

The new test is currently skipped on all platforms because toggling
the preference interferes with the other tests that are running
at the same time (and expect a working requestAnimationFrame).​https://bugs.webkit.org/show_bug.cgi?id=85689

Test: fast/animation/request-animation-frame-disabled.html

dom/ScriptedAnimationController.cpp:

(WebCore::ScriptedAnimationController::serviceScriptedAnimations):
(WebCore::ScriptedAnimationController::windowScreenDidChange):
(WebCore::ScriptedAnimationController::scheduleAnimation):
Check the setting before deciding to act.

A new test that exercises turning the requestAnimationFrame
preference off. Unfortunately this conflicts with the parallel
tests that expect the preference to be on (as it should by default),
so the test is skipped on all platforms. It can be run in isolation.​https://bugs.webkit.org/show_bug.cgi?id=85689

All messages go to a single queue that gets iterated over by dispatchMessages(). If an input
event arrives in the middle of a flood of messages, all of them will be dispatched before the
input event is dispatched.

In other words, the first dispatchMessages() call will process all of the messages in the queue,
and all subsequent dispatchMessages() calls will act as no-ops, since there is nothing in the queue.

To fix this, we rename dispatchMessages to dispatchOneMessage, and only process one message at a
time.

After r116209, the XDG_DATA_DIRS environment variable is now
passed by webkitpy's layout_tests code to run-with-jhbuild, so
instead of setting a few defaults in jhbuildrc we can now rely on
the values set and really used by each system.

Increase the display ID for the Xvfb process to use if pixel_tests argument
is true rather than if pixel_tests option is present. This fixes the
XvfbDriver in the same way r115825 fixed the now-redundant GtkDriver.

This is sort of a follow-up to r100674: $XDG_DATA_DIRS should be
preserved, as it is particularly useful for Linux/Unix
environments. As a real use case, if shared-mime-info is
installed into a non-trivial prefix, Glib and other libraries will
have trouble to properly identify mimetypes (in ResourceResponses,
for example) as the base freedesktop.org mimetype file will not be
found.

The gist of the change is that leaf non self-painting layers don't need to be painted as their
associated RenderBoxModelObject should properly paint itself without any help.

For RenderLayer trees that have a large number of leafs nodes (like a table with a leaf RenderLayer for
each cells), not bailing out is a big overhead as it ends up doing a lot of computation for no real
painting. See ​http://dglazkov.github.com/performance-tests/biggrid.html for a benchmark for that. On
my machine, it reduces the paint time when scrolling to 70ms from 120ms (45% speedup).

Test: webaudio/oscillator-scheduling.html
to be landed separately to get proper platform baselines

Modules/webaudio/AudioBufferSourceNode.cpp:

(WebCore::AudioBufferSourceNode::process):
Simplify/remove zeroing-out silence at end of buffer, since it's now handled in the base-class AudioScheduledSourceNode::updateSchedulingInfo().

Modules/webaudio/AudioContext.cpp:

(WebCore::AudioContext::createBufferSource):
Improve comment about ownership and dynamic-lifetime of AudioBufferSourceNode.

(WebCore::AudioContext::createOscillator):
AudioContext keeps a reference to the Oscillator and that reference is released in AudioScheduledSourceNode,
when it has finished playing.

Modules/webaudio/AudioScheduledSourceNode.h:

Modules/webaudio/AudioScheduledSourceNode.cpp:

(WebCore::AudioScheduledSourceNode::updateSchedulingInfo):
updateSchedulingInfo() is now responsible for zeroing out the very start (before a note starts)
and the very end (after note ends) of the output AudioBus. We've also simplified the number
of arguments passed to this method, because of this. It now handles playbackState transition to FINISHED_STATE.

Modules/webaudio/Oscillator.cpp:

(WebCore::Oscillator::Oscillator):
(WebCore::Oscillator::calculateSampleAccuratePhaseIncrements):
The frequency value needs to snap immediately to its correct value the very first time.
This bug needs to be fixed here so that the Oscillator layout scheduling test works correctly.

(WebCore::Oscillator::process):
Since Oscillator in now changing to be a AudioScheduledSourceNode, we need to call AudioScheduledSourceNode::updateSchedulingInfo()
to handle playbackState for us.

(WebCore::CGImageToDataURL): Move the invalid image (!image) test here.
The comments are about JPEG images; say that. Rename out to base64Data.
(WebCore::ImageBuffer::toDataURL): Remove the !image test.
(WebCore::ImageDataToDataURL): Move and define variables where used and
make the code flow read similarly to toDataURL. Remove the !image test.

Earlier, we were relying on WebCore behavior that always called
setNeedsDisplay whenever the layer tree structure changed.
However, in general it is more correct to consider layer tree
changes even when things don't need repainting; for example Aura
code is encountring this bug now. This patch corrects the
compositor so that layer tree structural changes are considered
property changes, without requiring that layers needed to be
repainted.

This regression was introduced with the work to remove redundant divs.
When we decide to remove a DIV, we need to adjust the selection, if it is
expressed in terms of the node being removed. The new position was computed
using updatePositionForNodeRemoval that was not designed for the case where we
remove preserving children.
This patch adds a new method to CompositeEditCommand to do this properly.

This flag checks for missing files, which cause compile times to be
slow on Windows. Since this flag is on by default for the
build.chromium.org bots, we should add it here too so everyone can fix
these errors.

Force a repaint before displaying the newly exited WebView window. This gives the window
a chance to seamlessly repaint before enabling screen updates.

Also, send the WebProcess the didExitFullScreen and setAnimatingFullScreen(false) messages
after swapping the WebView back into its original window. Doing otherwise seems to cause
forceRepaint to paint a white frame.

SVG root elements are still painted on pixel boundaries, so their children should
apply transforms based on their actual painted location, not their sub-pixel
one. This corrects a clipping and painting issue where these sub-pixel units are
incorrectly applied to the graphics context.

(-[WKView initWithFrame:contextRef:pageGroupRef:]):
Set the scale factor before initializing the page, to ensure that the WebPageCreationParameters struct gets the right scale factor.

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::setIntrinsicDeviceScaleFactor):
This can now be called with a null drawing area. Also, remove the isValid() check since we still want to update the scale factor even if the web process has crashed.

WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::WebPage):
Set the device scale factor from the creation parameters.

This patch refactors the ContentSecurityPolicy state into a separate
DirectiveList class to prepare for​https://bugs.webkit.org/show_bug.cgi?id=85561, which will cause us to
need two directive lists: one for enforcement and one for monitoring.

RenderBlock::removeChild forgot to set display on the anonymous block, causing it
to display as INLINE. To prevent this kind of failure in future, we replace
createAnonymousStyle with createAnonymousStyleWithDisplay to make everyone explictly
pass display as the argument.

When given an initial or final frame with a zero width or height, return a rect representing
the entire screen, rather than a rect with a zero or infinite size. Doing otherwise will
confuse the window server when it's instructed to scale the full screen window to that size.

WebView/WebFullScreenController.mm:

(windowFrameFromApparentFrames):

Source/WebKit2:

When given an initial or final frame with a zero width or height, return a rect representing
the entire screen, rather than a rect with a zero or infinite size. Doing otherwise will
confuse the window server when it's instructed to scale the full screen window to that size.

An assert is hit when re-loading database from backing store due to stale index
metadata entry. Do a range delete to clear all metadata entries when deleting an
index. Define metadata entries as enum and limits as consts instead of hardcoded ints.

No new tests - issue does not repro as layout test. Will land test in Chromium.

Store the response message by catching the "got-headers" signal so
that it can be passed later to willSendRequest() in case of
redirection. This is required because the SoupMessage headers and URL
have already been updated once restartedCallback() is called.

Unskip http/tests/misc/will-send-request-returns-null-on-redirect.html
and http/tests/loading/307-after-303-after-post.html now that the
response passed to willSendRequest is correct and now that the right
redirect URL is being printed in EFL port.

Unfortunately, http/tests/loading/redirect-methods.html cannot be
unskipped yet due to bug 66873.

Move getNormalizedMIMEType from WebKit into MIMETypeRegistry. This way we support uncommon mime types like image/pjpeg
and image/x-ms-bmp out of the box since we map to the more common image/jpeg and image/bmp respectively.

(WebKit::EditorClient::handleInputMethodKeyboardEvent): Update an
assertion to reflect a real method name in PlatformKeyboardEvent
and remove an unnecessary call to preventDefault() which triggered
an assertion failure higher in the call stack.

Some API clients pass in nil requests or requests with nil URLs.
In r112571 we started rewriting these URLs resulting in an exception.
Since we've supported nil requests until now, we should not try to rewrite these URLs.

WebView/WebFrame.mm:

(-[WebFrame loadRequest:]): Don't try to rewrite invalid URLs if they are also null.

This will greatly shrink the size of the json files we load,
resulting in a much faster initial load. People rarely care
about more than 100 runs. For the cases they do, they can still click
the show all runs checkbox to show 500 runs.

Remove incorrect test expectations for tests that are lately consistently
passing on all the Gtk builders but only turned out to be passing after
the Gtk port moved from using Skipped list to test_expectations.txt.
Their proper bug entries will be handled later, after all the tests are
confirmed to still pass. If any test backfires the correct test expectation
will be renewed and bug entries refreshed with latest information.

No new tests. This change is already covered by a suite of keyboard
handling unit tests in WebKitGTK+. There are some changes in behavior,
but they are difficult to test without mocking out an entire GtkIMContext.

Add a struct, CompositionResults, which is used by PlatformKeyboardEvent
to package composition information with a keyboard event. Also add some logic
to PlatformKeyboardEvent to give the right information when it has composition
results.

GNUmakefile.list.am: Added new sources to the list.

platform/PlatformKeyboardEvent.h: Added a new CompositionResults member,

getter, and argument to the constructor.

platform/gtk/CompositionResults.h: Added.

platform/gtk/GtkInputMethodFilter.cpp: Added.

platform/gtk/GtkInputMethodFilter.h: Added.

platform/gtk/PlatformKeyboardEventGtk.cpp:

(WebCore::PlatformKeyboardEvent::windowsKeyCodeForGdkKeyCode): When
the key value is void return the VK_PROCESS keycode, which is the keycode
that web content expects with keystrokes that trigger composition events.
(WebCore::eventTypeForGdkKeyEvent): Abstract out this helper.
(WebCore::modifiersForGdkKeyEvent): Abstract out this helper.
(WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent): When a PlatformKeyEvent
has composition results, use VK_PROCESS as the keycode for this event.
(WebCore::PlatformKeyboardEvent::disambiguateKeyDownEvent): When this event is
transformed into a Char event, the PlatformKeyboardEvent used for DOM keypress
events, and it has composition results clear the text members. This forces the
EventHandler code to drop the keypress event. Platform events that change the
composition states do not have corresponding keypress DOM events (only keydown
and keyup events), so this is necessary to ensure web compatibility.

Source/WebKit/gtk:

Rework input method handling logic into a class called GtkInputMethodFilter.
This filter now runs before WebCore event handling, allowing the code to more
easily fake simple compositions that should be seen as keystrokes. We can also
filter keypresses that should not go to web content at all, such as key up events
related to key down events that were filtered.

Also added is a WebViewInputMethodFilter which is a concrete implementation of
GtkInputMethodFilter. This class contains logic for actually sending events to
WebCore. In WebKit2 an implementation of GtkInputMethodFilter will send events
across the IPC channel.

events from this class, because it's now in the GtkInputMethodFilter.
(WebKit::EditorClient::setInputMethodState): Call into the filter.
(WebKit::EditorClient::shouldBeginEditing): We no longer need to update the composition here.
This is handled by the focus in and focus out logic in the filter.
(WebKit::EditorClient::shouldEndEditing): Ditto.
(WebKit::EditorClient::respondToChangedSelection): Call into the filter now.
(WebKit::EditorClient::handleInputMethodKeyboardEvent): Added this helper which executes
any pending composition confirmation or preedit update actions as the default action of
the keydown event.
(WebKit::EditorClient::handleKeyboardEvent): Call handleInputMethodKeyboardEvent to do
any pending composition action.
(WebKit::EditorClient::handleInputMethodKeydown): Remove all the logic from this method.
Keys are filtered before they are sent to WebCore now and the actual action of input method
events happens in the keydown default action to increase compatibility with other browsers.
(WebKit::EditorClient::EditorClient): Remove context signal management.
(WebKit::EditorClient::~EditorClient): Ditto.

WebCoreSupport/EditorClientGtk.h:

(EditorClient): No longer has some members that tracked IME status.

WebCoreSupport/WebViewInputMethodFilter.cpp: Added.

WebCoreSupport/WebViewInputMethodFilter.h: Added.

webkit/webkitwebview.cpp:

(webkit_web_view_get_property): Get the context from the filter now.
(webkit_web_view_key_press_event): Just send events straight to the filter.
The filter will decide whether or not to send them to WebCore.
(webkit_web_view_key_release_event): Ditto.
(webkit_web_view_button_press_event): Use the filter to handle button press
events related to IME.
(webkit_web_view_focus_in_event): Notify the filter now.
(webkit_web_view_focus_out_event): Ditto.
(webkit_web_view_realize): The filter takes care of listening for realize now.
(webkit_web_view_init): Set the WebView widget on the filter.

webkit/webkitwebviewprivate.h: Change the GtkIMContext member to be a GtkInputMethodFilter member.

Unreviewed, removing incorrect test expectations for tests that turned
to be passing on all the Gtk builders after moving from using Skipped
to test_expectations.txt and have the generic BUGWKGTK modifier.

Enable the fullscreen API for Qt port. It is only
supported on WebKit2. It adds experimental settings
to enable it and also add two experimental signals so
the API user can react when the fullscreen is requested
(e.g hide the urlbar of a browser and change the state
of the window to be fullscreen).

This change modifies the default ImageDecoder for Qt-port from QImageDecoder to WebCore ImageDecoder.
The new behavior is to use QImageDecoder only if WebCoreImageDecoder doesn't support the requested
image type.
The WTF_USE_QT_IMAGE_DECODER macro has been removed, since it is no longer needed.

This change adds build depedency for libpng-dev and libjpeg-dev packages, becuase PNG and JPEG imagedecoders
need not only these libraries, but their headers also. Qmake-config tests for these libraries were
introduced in r110045.

WebKit2 build was broken while WebKit2 build was disabled in bots,
so nobody noticed it. Disable the WebKit2 build for now to keep
the bots green again until we find the actual commit that
broke the WebKit2 build.

ContentSecurityPolicy has a back pointer to ScriptExecutionContext.
That means we shouldn't share a single ContentSecurityPolicy object
between multiple ScriptExecutionContexts. This patch copies the state
from one ScriptExecutionContext to another rather than sharing the
ContentSecurityPolicy object itself.

This resulted in a subtle but w.r.t. blocking eval. Because we block
eval by setting a bit in the JavaScript engine when enforcing the
policy, that bit wasn't copied along with the rest of the state when we
were sharing the ContentSecurityPolicy object. Now that we use the
more robust ContentSecurityPolicy::copyStateFrom function, we don't
have that bug.

The standard format of commit messages and ChangeLog entries has a
short summary in the first line, followed by the bug URL in
Bugzilla. Passing "%s" in the pretty format line to git-rev-list
merges these two lines into a single one separated by a space
character, which is not what we want.

Since "%s%n%n%b" is in practice "%B" (raw message), use it
instead, as the first two lines do not end up being merged
together.

No new tests. Covered by existing tests: fast/images/png-extra-row-crash.html in
particular.

platform/image-decoders/png/PNGImageDecoder.cpp:

(WebCore::PNGImageDecoder::rowAvailable): Use colorChannels consistently. Split
the useful libpng comments in two, then place the early-out code and conditions
inbetween. The png variable is only used in one place so move it there.

We only free bytes allocated to a RenderArena when destroying the Document.
Histogram both the render tree size and the total bytes allocated. This
gives a better sense of the overhead of RenderArena as well as giving a more
accurate number for the amount of actual memory used by the render tree.

No new tests. This is not webfacing, so this can't be tested without adding
API to layout test controller, which doesn't seem worth it for this code.

My Perl-fu is very weak. This moves the feature option list off into a separate module
file so that I can easily autogenerate just that file with the fancy new generate-feature-files command.
It's a bit odd to have an array which we return out to build-webkit to modify, but it turns out
not to matter. Also, build-webkit doesn't actually use any of the variables we're using to
store the results from the option parse, so those end up inaccessible from build-webkit (except by reference)
which is actually cleaner. Callers can't assume that they would get a new array every time, but someone
with more Perl-fu than I could create something fancier than this if we need in the future.

As discussed at the W3C WebAppSec face-to-face meeting, there's no
point in blocking about:blank iframes or objects because blocking a
frame or object just results in displaying about:blank anyway. This
patch just removes the spurious console message and violation report.

The old approach relied on pkg-config for finding Cairo (which
introduced a dependency on pkg-config that could be avoided), used
the LibFindMacros code that we should probably remove in the
future and did not use the FindPackageHandleStandardArguments
module.

Change all that by rewriting the module.

Use the pkg-config output optionally instead of requiring it

like LibFindMacros did.

Remove the implicit dependency on FreeType which often found it

the wrong way via pkg-config and without considering
CMAKE_PREFIX_PATH.

Retrieve the Cairo version by looking at cairo-version.h instead

of relying on pkg-config. It requires some additional code for
checking if the desired version has been found, but that will not
be needed once we start depending on CMake 2.8.3 or later.

The only downside is that FPHSA sets <UPPERCASED_NAME>_FOUND
instead of <Name>_FOUND, and to keep things consistent
Cairo_LIBRARIES and Cairo_INCLUDE_DIRS have become CAIRO_LIBRARIES
and CAIRO_INCLUDE_DIRS.

The sorting assumes that the column header name matches a field
in the testResults object and uses that field for sorting.
Filter the bugs out of the modifiers list and put them in a bugs field
and only put the non-bug modifiers in the modifiers list.

Update IDBObjectStore.openCursor, IDBIndex.openCursor,
IDBIndex.openKeyCursor, IDBDatabase.transaction,
IDBCursor.direction, IDBTransaction.mode, and
IDBRequest.readyState to meet the latest spec. All of these APIs
now support string-based values in addition to the
legacy/deprecated enum-based values.

Remove these last two odd-men-out, so that we can generate the default feature options
for build-webkit using the new generate-feature-files command.
The Mac build system has some special casing for ENABLE_ defines which gets them
defined as -D on the build command, even though initially they start out as
environment variables ENABLE_FOO = ENABLE_FOO. The Feature options in build-webkit
depend on this support, but it doesn't work for WTF_USE_ defines like WTF_USE_WTF_URL.
I'm told that WTF_URL is not actively being worked on, so just removing it for now.
It should probably come back to life as an ENABLE_, or build-webkit or the Xcode projects
should be made generically smarter about these USE_WTF defines.
(There is still WTF_USE_TILED_BACKING_STORE in the feature list, but it only seems
used by Qt. If someone tried build-webkit --tiled-backing-store on Mac today it
would not work!)

Chromium still supports Leopard (for a little while yet), but AppleMacWebKit dropped
Leopard support several months ago. Remove the last bits of isLeopard() branching
in our Perl scripts, since no one is using this (Chromium has never used this Perl code).

r93938 had a bug where floating point numbers where compared exactly,
exposing a bug when floating point precision was not sufficient. This
change compares against an epsilon value to get around these precision
issues.

Currently reportAbandonedObjectGraph causes the Heap to think it is closer to its
allocation limit for the current cycle, thus hastening an allocation-triggered collection.
In reality, it should just affect the opportunistic GC timer. We should track the bytes
we think have been abandoned and the bytes that have been allocated separately.

heap/Heap.cpp: Added a new field m_abandonedBytes to Heap to keep track of how much

we think we've abandoned.
(JSC::Heap::Heap):
(JSC::Heap::reportAbandonedObjectGraph):
(JSC):
(JSC::Heap::didAbandon): Added this function for reportAbandonedObjectGraph to call
rather than didAllocate. Works the same as didAllocate, but modifies bytes abandoned rather
than bytes allocated. Also notifies the timer, summing the two values together.
(JSC::Heap::collect):
(JSC::Heap::didAllocate): Now adds the bytes allocated and bytes abandoned when reporting
to GCActivityCallback.

Locking performance tests (like we do for http tests) will force them
to run in serial. This reduces the load of the machine when running perf
tests and minimizes the chances of the tests to fail, specially
timeouts.

It looks like we may be getting an IOError raised during
select() on chromium mac, and that error isn't being caught.
Pushing it into the try/catch block will hopefully catch this
and allow us to see why the subprocess is crashing.

(WebKit):
Set the interface sizes for WKBundlePageFormClient; version 1 includes
willSendSubmitEvent.

Shared/APIClientTraits.h:

Declare a specialization for WKBundlePageFormClient.

WebProcess/InjectedBundle/API/c/WKBundlePage.h:

Bump the WKBundlePageFormClient version number.

Tools:

TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:

Added new files to project.

TestWebKitAPI/Tests/WebKit2/WillSendSubmitEvent.cpp: Added.

(TestWebKitAPI::didReceiveMessageFromInjectedBundle):
Look for the "DidReceiveWillSendSubmitEvent" message. The message body
will be the dictionary of form control names and values passed to the
injected bundle's willSendSubmitEvent handler; look for the pairs
"textField" -> "text field" and "passwordField" -> "password field".
Check that "hiddenField" is not included.
(TestWebKitAPI::setInjectedBundleClient):
(TestWebKitAPI::TEST):

TestWebKitAPI/Tests/WebKit2/WillSendSubmitEvent_Bundle.cpp: Added.

(TestWebKitAPI::willSendSubmitEvent):
Post a message to the TestWebKitAPI process with the dictionary of form
control names and values that we received.
(TestWebKitAPI::WillSendSubmitEventTest::WillSendSubmitEventTest):
(TestWebKitAPI::WillSendSubmitEventTest::didCreatePage):
Set up the page's form client.

Modifies TouchpadFLingGestureCurve to use an exponential, rather than polynomial, curve.
This change appears to improve the overall feel of touchpad fling, and substantially
improves small-fling performance.

FractionalLayoutUnit is a new type that uses an integer to represent a fraction of a pixel.
We're also adding a feature flag -- ENABLE_SUBPIXEL_LAYOUT -- that toggles this fraction
between 1/1 and 1/60. Initially, all platforms will default to subpixel layout being off,
so FractionalLayoutUnits will effectively continue to act as integers.

With ENABLE_SUBPIXEL_LAYOUT turned on, FractionalLayoutUnits accumulate error from sub-pixel
CSS values and applied zooming, and painting uses pixel-snapping to align these values
to pixels. See ​http://trac.webkit.org/wiki/LayoutUnit for details.

In a number of previous patches, LayoutUnits were plumbed throughout the rendering tree
to prepare for this change. This included a number of functions in LayoutTypes.h and
the IntRect/Point/Size classes that were effectively no-ops while LayoutUnits were
integers. Subsequent patches will remove unnecessary versions of these functions; see​http://webkit.org/b/84616 for tracking these changes.

Xcode used to have a bug whereby it didn't notice if you changed the #defines
passed on the command line to xcodebuild. I wrote code to work around this
while bringing up SVG support 5-6 years ago. I think we can finally remove this
code from build-webkit, since SVG is the only feature flag to ever use it
(modern in-progress features like MathML don't seem to be using the support)
an I suspect the XCode bug has long been fixed.

r114283 added logic that allows compositing layers to avoid allocating their own
backing store and to paint into an ancestor instead. However, that caused
assertions in RenderLayer::updateClipRects() about m_clipRectsRoot being
incorrect, because clip rect code assumed that compositing layers
always painted themselves.

Fixed by calling paintsIntoCompositedAncestor() in RenderLayer::clippingRoot(),
so that clip rect computation matches painting.

I wasn't able to easily make a test that reproduces the assertion in DRT.

Rename SVGImageCache::SizeAndZoom to SVGImageCache::SizeAndScales, as it carries more than just zoom now.

Pass the product of the device and page scales through everything that takes a SVGImageCache::SizeAndScales,
using it to inflate the size of the buffer created in lookupOrCreateBitmapImageForRenderer,
and to inflate the destination rectangle passed to SVGImage::draw, which will cause a transformation
on the context being drawn into.

Invalidate the SVGImageCache entry on device/page scale changes in addition to zoom changes.

(ServerProcess.init): Remove the executive parameter as it was
not passed by any caller, obtain a SystemHost from port_obj
instead.
(ServerProcess._log): Style, remove extra empty line.
(ServerProcess._start):
(ServerProcess.stop):
(ServerProcess.kill):

Scripts/webkitpy/layout_tests/port/server_process_unittest.py:

(TrivialMockPort.init): Create a MockSystemHost used by
ServerProcess.
(TestServerProcess.test_broken_pipe): Test different platforms.

The spec defines the behavior for generated keys up to 253
(the maximum integer storable as an ECMAScript number) and
the error case when going beyond that. Ensure that we can
handle values up to that point and generate errors beyond.

Use the cloneForCSSOM() mechanism in CSSValue to expose CSSImageValue to bindings as a URI
primitive value. This matches the specced behavior of computed image values, and restores our
previous behavior without having CSSImageValue subclass CSSPrimitiveValue.

Also added a failsafe return after the isCSSOMSafe() assertion in the JSC bindings, since it's
better to expose an incorrect return value than an insecurely shared one, should we have or add
bugs in this code.

bindings/js/JSCSSValueCustom.cpp:

(WebCore::toJS):

css/CSSImageValue.cpp:

(WebCore::CSSImageValue::cloneForCSSOM):

css/CSSImageValue.h:

css/CSSValue.cpp:

(WebCore::CSSValue::cloneForCSSOM):

LayoutTests:

Update fast/css/image-value-type.html to reflect that CSSImageValue are now exposed
as primitive values in the CSSOM.

(WebCore::HTMLFormControlElement::removedFrom): Only set the invalid ancestor flag.
The element will be detached from the document so there is no need to update the style.
And the validation message will be hidden by the blur event.
(WebCore::HTMLFormControlElement::willValidate): Because of the change to removedFrom,
m_ancestorsValid may be false.

Change RenderLayerCompositor to always use overlap testing when possible.

Rather than turn off overlap testing wholesale when encountering a non-affine
transform, or starting an accelerated transform animation, we constrain
the disabling of overlap testing to within overflow:hidden areas when possible.

Tests: compositing/layer-creation/overlap-animation.html

compositing/layer-creation/overlap-transforms.html

rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::setCompositedBounds): Whitespace fix.

rendering/RenderLayerCompositor.cpp:

(WebCore::CompositingState::CompositingState):
(CompositingState): Add a member boolean to track whether we're testing overlap. Add a copy
constructor.
(WebCore::RenderLayerCompositor::updateCompositingLayers): Initialize the 'testing overlap'
setting based on m_compositingConsultsOverlap (though this will always be true until removed
in a future commit).
(WebCore::RenderLayerCompositor::updateBacking): No longer turn off overlap testing
when we see a non-affine transform.
(WebCore::RenderLayerCompositor::computeCompositingRequirements): No need for the 'struct'
in the arguments.
Consult compositingState.m_testingOverlap to see if we want to test overlap.
Use the new CompositingState copy ctor for childState, but set m_subtreeIsCompositing to false
as before.
If this layer is composited, look to see if need to disable over lap testing based on
the transform or an animation.
Just as we propagate m_subtreeIsCompositing, we have to propagate m_testingOverlap=false
for the rest of the traverse.
If we've just processed a layer which clips compositing descendants, we can go back
to testing for overlap.
(WebCore::RenderLayerCompositor::didStartAcceleratedAnimation): No need to do anything
here now. It will be removed in future.
(WebCore::RenderLayerCompositor::hasNonAffineTransform): No longer check
perspective here, since that doesn't affect whether _this_ layer should disable
overlap testing. Checking for a non-affine transform is sufficient.
(WebCore::RenderLayerCompositor::isRunningAcceleratedTransformAnimation):
New method to check if AnimationController is running a transform animation.

rendering/RenderLayerCompositor.h:

(RenderLayerCompositor):

LayoutTests:

Reviewed by Antti Koivisto.

Two new tests that check for layer creation outside of an overflow:hidden
stacking context.

Updated results for other tests whose results are affected by the
'compositingConsultsOverlap' flag; their layers are now constrained to
the viewport.

In flipped blocks writing modes, flipping was being applied twice to box descendants of
inline children of the flipped block, once during RenderBox::mapLocalToContainer, and then
again by RenderInline::mapLocalToContainer. The fix is to make the latter only apply the
flip to local coordinates originating in the inline or a descendant inline. This is done
by adding a parameter of type ApplyContainerFlipOrNot, which defaults to ApplyContainerFlip
but is reset to DoNotApplyContainerFlip in recursive calls into mapLocalToContainer().

Each parse value helper function was checking whether the value string was empty. For the
common case this check is already done by StylePropertySet::setProperty(). So this patch
make CSSParser::parseValue() assume the value string is not empty, and fix the other two
clients.

Test: fast/html/font-face-empty-should-not-crash.html

css/CSSParser.cpp:

(WebCore::parseColorValue): Replace the string empty check by an ASSERT() to document
function's expectations.
(WebCore::parseSimpleLengthValue): Ditto.
(WebCore::parseKeywordValue): Ditto.
(WebCore::CSSParser::parseFontFaceValue): This will be covered by the added test.
(WebCore::CSSParser::parseValue):

css/WebKitCSSMatrix.cpp:

(WebCore::WebKitCSSMatrix::setMatrixValue): This is already covered by
transforms/cssmatrix-2d-interface.xhtml.

(WebCore::SelectorChecker::SelectorChecker):
Setting the default value for the enum member m_mode to ResolvingStyle.

(WebCore::SelectorChecker::checkSelector):
Instead of verifying against the bool m_isCollectingRulesOnly, we now check whether or not
m_mode is set to ResolvingStyle.

(WebCore::SelectorChecker::checkOneSelector):
Instead of verifying against the bool m_isCollectingRulesOnly, we now check whether or not
m_mode is set to ResolvingStyle. Also, for the pseudo-elements case we check if its
value is set to QueryingRules in which case we return false.

css/SelectorChecker.h:

(WebCore::SelectorChecker::mode):
Returns the mode (m_mode) value.

(WebCore::SelectorChecker::setMode):
Sets the mode (m_mode) to the passed enum value.

Replace gdk_init() initialization call with the g_type_init()
call. GdkPixbufLoader doesn't actually need the current call to be
made and this change will also remove crashes when ImageDiff
is started in an environment without a DISPLAY env.

Fix a typo in the original test and update the expectations.
The purpose of this test is to verify that region styling is NOT enabled for inline elements. The test was passing
because region styling rule was not applied due to incorrect region selector.

The corrected test makes sure that region styling rule has the right region selector and can be applied to the first region in the test file.

The API added for DOMWindowExtension, didCreateGlobalObjectForFrame, would create a global object
for every world, even those that did not need the callback. This had the side effect of creating a
JSDOMWindowShell that the associated world didn't necessarily know to clean up. Instead of creating
unnecessary objects change the API to globalObjectIsAvailableForFrame and do not pass the global object
in the API. The object can be accessed later by those worlds which require it.

Follow-up patch: Add const Foo& foo() const accessors to SVGAnimatedType,
to avoid the "Foo& foo = animated->foo()" idiom in all cases where we
don't need to mutate 'foo'. Use "const Foo& foo = animated->foo()" instead.
Inline all of these methods to avoid the function call overhead.

For to-animations we actually mutated the from value before, but it wasn't a
problem in practive, as we did that on every animation step. Fully avoid these
inconsitencies by never mutating the from/to types stored in SVGAnimateElement.

Cache toAtEndOfDurationType just like m_toType/m_fromType in SVGAnimateElement,
to avoid reconstructing it on every animation step.

What's expected?
Two times should be contained in the 'begin' times list in SVGSMILElement: m_beginTimes = { 0s, 2s }.
The initial first resolved interval is: m_intervalBegin=0.0s, m_intervalEnd=8.0s.

During t=0s..1.9999s the m_intervalBegin/m_intervalEnd are correct.
At t=2s, a new interval can be started. m_intervalEnd should be set to nextBeginTime, where nextBeginTime=2s.
The current interval should get cropped to: m_intervalBegin=0s, m_intervalEnd=2s. The following call to
resolveNextInterval() sees that elapsed >= m_intervalEnd, and thus moves on to the next interval.
m_intervalBegin should be 2s and m_intervalEnd=10s after that.

In trunk this behavior is only partly implemented and broken. Especially broken together with seeking via SVGSVGElement.setCurrentTime.
That's because we don't correctly seek to the right interval in case of multiple begin values, eg. if we sample an animation with
begin="0s; 3s" dur="6s" we always remain in the first interval and don't move on.

Fix all of these issues, making lots more tests work in Dr. Olaf Hofmanns SVG Animation test suite.

Don't add small opaque areas (smaller than 160x160) to the occlusion
tracker's Region objects to avoid high Region::unite() costs.

We would like Region to just be fast enough that this isn't a concern,
and there are patches in flight to do this, but at the moment, small
opaque areas add significant cost if there is many of them, for
potentially small gains since they do not cover entire tiles.

notifications/DOMWindowNotifications.idl: Wrap webkitNotifications as part of legacy API.

notifications/Notification.cpp: New permission functions are wrapped with ENABLE(NOTIFICATIONS)

(WebCore::Notification::taskTimerFired): Use the new permission functions to determine whether we can show the
notification.
(WebCore::Notification::permissionLevel):
(WebCore::Notification::permissionString): Declare three static locals for each of the values, and return
based on the permission enum.
(WebCore::Notification::requestPermission): Forward request to client.

WebCoreSupport/WebNotificationClient.mm: Add a separate callback
variable depending on the notifications API enabled.
(WebNotificationClient::requestPermission): Add
NotificationPermissionCallback version of the same
function. And refactor common code into private function.
(-[WebNotificationPolicyListener initWithCallback:]): Refactor to
take the NotificationPermissionCallback as a parameter.
(-[WebNotificationPolicyListener initWithVoidCallback:]): Add new
init method to handle legacy API.
(-[WebNotificationPolicyListener allow]): Invoke the callback for
both variables. If only one of the APIs is enabled, we are
guaranteed that the relevant callback variable exists. If both
APIs are supported, it is possible that _voidCallback will be nil
if the callback is NotificationPermissionCallback, so we need the
extra pointer check.
(-[WebNotificationPolicyListener deny]): Ditto.

(WebKit::NotificationPermissionRequestManager::startRequest): Add version to support both kinds of
callbacks.
(WebKit::NotificationPermissionRequestManager::cancelRequest):
(WebKit::NotificationPermissionRequestManager::didReceiveNotificationPermissionDecision):

WebProcess/Notifications/NotificationPermissionRequestManager.h: Add another map for new callback type.

(NotificationPermissionRequestManager):

WebProcess/Notifications/WebNotificationManager.cpp:

(WebKit::WebNotificationManager::show): Add #ifdef to use replaceId() or tag() depending on which feature
has been enabled. In the case where both are enabled, we prefer tag() since that is in the latest spec.